一段ADSI和EXCHANGE结合的示范代码

在独孤九剑兄的帮助下，完成了这段代码

包括nt用户的建立，exchange邮箱的建立，两者的结合，权限的设置

本代码在nt4.0+sp6+exchange5.5+adsi2.5下运行通过

建立以后的用户可以直接收发信件，是一个简化版本的web mail access

adsi_exchange.asp
———————————————————————–

<%
set sid = createobject("adssid")
set sec = createobject("adssecurity")
set ace = createobject("accesscontrolentry")

—————————————————————————-
— 如果没有安装adsi2.5的安全库要手工定义以下参数
—————————————————————————–
const ads_sid_hexstring = 1
const ads_sid_winnt_path = 5
const ads_right_exch_modify_user_att = &h2
const ads_right_exch_mail_send_as = &h8
const ads_right_exch_mail_receive_as = &h10

——————————————————-
—–创建邮箱步骤———————-
——————————————————–

—- 基本信息
server1 = "114domainserver"
org = "114online"
site = "exchange"
domain = "exchange"
username = "liuoo"
password = "43444"

— 邮箱信息 —–
strdisplayname = "rtrtrt"
strfirstname = "gfgf"
strlastname = "fgfgfg"
stralias = username
strmta = "cn=microsoft mta,cn=" & server1 & ",cn=servers,cn=configuration,ou=" & site & ",o=" & org
strmdb = "cn=microsoft private mdb,cn=" & server1 & ",cn=servers,cn=configuration,ou=" & site & ",o=" & org
strsmtpaddr = "ewwe@114online.com"

—— 建立一个nt用户
set dom = getobject("winnt://" & domain)
set usr = dom.create("user", username)
on error resume next
usr.setinfo
if err.number <> 0 then
   response.write "111"
   response.write err.description
   response.end
end if
usr.setpassword password

— 创建邮箱
adspath = "ldap://" + server1
adspath = adspath + "/cn=recipients,ou="
adspath = adspath + site
adspath = adspath + ",o="
adspath = adspath + org

set objcont = getobject(adspath)

create a new mailbox
set mailbox = objcont.create("organizationalperson", "cn=" & stralias)
mailbox.put "mailpreferenceoption", 0
mailbox.put "givenname", strfirstname
mailbox.put "sn", strlastname
mailbox.put "cn", strdisplayname
mailbox.put "uid", stralias
mailbox.put "home-mta", strmta
mailbox.put "home-mdb", strmdb
mailbox.put "mail", strsmtpaddr
mailbox.put "mapi-recipient", true
mailbox.put "rfc822mailbox", strsmtpaddr

——————————————————–
  与nt用户联系
———————————————————
sid.setas ads_sid_winnt_path, "winnt://" & domain & "/" & stralias & ",user"
sidhex = sid.getas(ads_sid_hexstring)
mailbox.put "assoc-nt-account", sidhex

完成设置
mailbox.setinfo

————————————————-
更改安全设置
————————————————-
set sd = sec.getsecuritydescriptor(mailbox.adspath)
set dacl = sd.discretionaryacl
ace.trustee = domain & "\" & stralias
ace.accessmask = ads_right_exch_modify_user_att or ads_right_exch_mail_send_as or ads_right_exch_mail_receive_as
ace.acetype = ads_acetype_access_allowed
dacl.addace ace
sd.discretionaryacl = dacl
sec.setsecuritydescriptor sd

response.write "successful"
%>

————————————————————————
请注意权限的设置